NOTE : EEFF will henceforth be referred to as "File & Removable Media Protection".
The necessary changes for the new product name will be incorporated in the next release v4.3.
EEFF client v4.2 makes use of the McAfee Core Cryptographic Module(MCCM) which has been submitted for FIPS certification. EEFF now provides an option to install the product in FIPS mode.
What is McAfee Core Cryptographic Module (MCCM) module?
MCCM is a cross-platform, cross-product cryptographic module developed by McAfee which will be utilized in upcoming releases of all McAfee’s Endpoint Encryption products.
These cryptographic modules are being validated at FIPS 140-2 Level 1.
MCCM provides performance benefits and, in particular, leverages Intel®Advanced Encryption Standard Instructions (AES NI), resulting in additional performance improvements on systems with AES NI support.
What is the current certification status of MCCM module?
McAfee Core Cryptographic Module (user)and McAfee Core Cryptographic Module (kernel) FIPS 140-2 cryptographic modules have entered into Block 1 of the validation process, and are now officially listed as “Implementation Under Test (IUT)” on the NIST website.
When can customers operate the product in a FIPS certified manner?
As soon as the MCCM module is FIPS certified.
Please note that there is a chance that there might be further changes required to be incorporated in the MCCM module or the product itself based on feedback from NIST.
Do I also need to run ePO in FIPS mode?
Each customer should review their overall configuration with the appropriate auditor to determine whether they need to run ePO in FIPS mode or not. Discussions with their auditor should determine whether both client & server need to operate in FIPS mode or simply just the clients. There are restrictions, such as ePO can only manage FIPS certified products when operating in FIPS mode.